Add limit to how many accounts can be created per IP address.
This commit is contained in:
parent
7dc6a86441
commit
b93750f620
|
@ -25,6 +25,7 @@ logo_header_size = 24
|
|||
[credentials]
|
||||
allow_change_username = true
|
||||
allow_change_password = true
|
||||
max_accounts_per_ip = 4
|
||||
sqldb = csgenDB.sql
|
||||
|
||||
[logging]
|
||||
|
|
|
@ -22,6 +22,7 @@ $attachmentLocation = "attachments/";
|
|||
$requestLocation = "requests/";
|
||||
$historyLocation = "history/";
|
||||
$maxCommentSize = 1024;
|
||||
$maxAccountsPerIP = 4;
|
||||
|
||||
$configFile = "";
|
||||
|
||||
|
@ -62,4 +63,5 @@ if (isset($configEntries['allow_change_password'])) $allowPasswordChange = $conf
|
|||
if (isset($configEntries['public_account_create'])) $publicAccountCreation = $configEntries['public_account_create'];
|
||||
if (isset($configEntries['javascript'])) $javaScript = $configEntries['javascript'];
|
||||
if (isset($configEntries['max_comment_size'])) $maxCommentSize = $configEntries['max_comment_size'];
|
||||
if (isset($configEntries['max_accounts_per_ip'])) $maxAccountsPerIP = $configEntries['max_accounts_per_ip'];
|
||||
?>
|
||||
|
|
21
register.php
21
register.php
|
@ -16,20 +16,33 @@ if (isset($_REQUEST['username']) && isset($_REQUEST['password'])) {
|
|||
die();
|
||||
}
|
||||
|
||||
if ($storeAgent || $storeAgent == "true") $userAgent = getUserAgent();
|
||||
if ($storeCreated || $storeCreated == "true") $Created = date($dateFormat);
|
||||
if ($storeLastUsage || $storeLastUsage == "true") $lastUsed = date($dateFormat);
|
||||
if ($storeIP || $storeIP == "true") $ip = getIPAddress();
|
||||
|
||||
// check if a user by the same name already exists
|
||||
$ipAddresses = 0;
|
||||
$Database = createTables($sqlDB);
|
||||
$DatabaseQuery = $Database->query('SELECT * FROM users');
|
||||
while ($line = $DatabaseQuery->fetchArray()) {
|
||||
if ($storeIP || $storeIP == "true") {
|
||||
if ($line['ip'] == $ip) {
|
||||
$ipAddresses++;
|
||||
}
|
||||
}
|
||||
if ($line['username'] == "$Username" && $Username != "" && $line['username'] != "") {
|
||||
header("Location: register.php?e=exists");
|
||||
die();
|
||||
}
|
||||
}
|
||||
|
||||
if ($storeAgent || $storeAgent == "true") $userAgent = getUserAgent();
|
||||
if ($storeCreated || $storeCreated == "true") $Created = date($dateFormat);
|
||||
if ($storeLastUsage || $storeLastUsage == "true") $lastUsed = date($dateFormat);
|
||||
if ($storeIP || $storeIP == "true") $ip = getIPAddress();
|
||||
if ($storeIP || $storeIP == "true") {
|
||||
if ($ipAddresses > $maxAccountsPerIP) {
|
||||
header("Location: register.php?e=limit");
|
||||
die();
|
||||
}
|
||||
}
|
||||
|
||||
$Database->exec("INSERT INTO users(username, password, usertype, primaryadmin, numberofcomments, lastused, created, ip, useragent) VALUES('$Username', '$Password', '1', '0', '0', '$lastUsed', '$Created', '$ip', '$userAgent')");
|
||||
|
||||
|
|
Loading…
Reference in a new issue